Open Stack Summit 2016 Open Stack Summit Austin

  • Slides: 40
Download presentation
Open. Stack®® Summit 2016 Open. Stack Summit. Austin 2016

Open. Stack®® Summit 2016 Open. Stack Summit. Austin 2016

Configure, Deploy and Troubleshoot DVR SNAT HA Adolfo Duarte Swaminathan Vasudevan Hardik Italia 2

Configure, Deploy and Troubleshoot DVR SNAT HA Adolfo Duarte Swaminathan Vasudevan Hardik Italia 2

Agenda § Introduction § Configurations § Namespaces § Traffic Flow / Troubleshooting § Lab-Setup

Agenda § Introduction § Configurations § Namespaces § Traffic Flow / Troubleshooting § Lab-Setup & Hands On Exercise. §Q&A 3

Introduction 4

Introduction 4

DVR SNAT HA Configuration Overview – There are NO NEW options added to config

DVR SNAT HA Configuration Overview – There are NO NEW options added to config files: neutron. conf, ml 2. ini, etc… – Enable and configure HA *and* DVR – Set number of agents which will participate in the ha group – Configure default router type: CVR(legacy), DVR, 5

DVR SNAT HA Configuration Overview 6

DVR SNAT HA Configuration Overview 6

“Controller” node configuration example – Add the following to /etc/neutron. conf: [DEFAULT] router_distributed =

“Controller” node configuration example – Add the following to /etc/neutron. conf: [DEFAULT] router_distributed = True l 3_ha_net_cidr = 169. 254. 192. 0/18 max_l 3_agents_per_router = 3 min_l 3_agents_per_router = 2 7

“Network” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing

“Network” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing = True 8

“Network” node configuration example – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] ha_confs_path

“Network” node configuration example – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] ha_confs_path = /opt/stack/data/neutron/ha_confs ha_vrrp_auth_type = PASS ha_vrrp_auth_password = password ha_vrrp_advert_int = 2 agent_mode = dvr_snat 9

“Compute” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing

“Compute” node configuration example – Add the following to /etc/neutron/plugins/ml 2_conf. ini [agent] enable_distributed_routing = True – Add the following to /etc/neutron/l 3_agent. ini: [DEFAULT] agent_mode = dvr 10

L 3 Agent modes: § dvr_snat & dvr 11

L 3 Agent modes: § dvr_snat & dvr 11

Create DVR SNAT HA router: neutron router-create name-of-router --distributed=True --ha=True 12

Create DVR SNAT HA router: neutron router-create name-of-router --distributed=True --ha=True 12

Qrouter & SNAT Namespaces – HA_Status is available under l 3 -agent-list-hosting-router. – qrouter

Qrouter & SNAT Namespaces – HA_Status is available under l 3 -agent-list-hosting-router. – qrouter & snat namespaces on Controller/Network nodes. 13

Qrouter & SNAT Namespaces Controller 1 14

Qrouter & SNAT Namespaces Controller 1 14

Qrouter & SNAT Namespaces Controller 2 15

Qrouter & SNAT Namespaces Controller 2 15

Qrouter & SNAT Namespaces § Attach internal networks to router § Attach external network

Qrouter & SNAT Namespaces § Attach internal networks to router § Attach external network to router 16

Qrouter & SNAT Namespaces Controller 1 17

Qrouter & SNAT Namespaces Controller 1 17

Qrouter & SNAT Namespaces Controller 2 18

Qrouter & SNAT Namespaces Controller 2 18

Router namespace on Compute node 19

Router namespace on Compute node 19

Traffic flow § East-West § VM to VM § VMs on same compute node.

Traffic flow § East-West § VM to VM § VMs on same compute node. 20

Traffic flow § Neutron ports – OVS ports § sudo ovs-vsctl show § sudo

Traffic flow § Neutron ports – OVS ports § sudo ovs-vsctl show § sudo ovs-ofctl dump-port-desc br-int 21

Traffic flow § sudo ovs-ofctl dump-flows br-int § Table 0 - From br-tun with

Traffic flow § sudo ovs-ofctl dump-flows br-int § Table 0 - From br-tun with dl_src=LMAC, go to Table 1 § Table 0 – In_port=VM_PORT, ARP, go to Table 24 § Table 0 – In_port=VM_PORT, go to Table 25 § Table 0 - Normal processing. § Table 1 - Strip VLAN_ID, set src_mac=router’s ifce, go to VM port § Table 24 - In_port=VM_PORT, ARP, arp_spa=VM_IP, go to Table 25 § Table 25 – In_port=VM_PORT, dl_src=VM_SRC_MAC, Normal processing 22

Traffic flow § sudo ovs-ofctl dump-flows br-int 23

Traffic flow § sudo ovs-ofctl dump-flows br-int 23

Traffic flow § sudo ovs-appctl fdb/show br-int 24

Traffic flow § sudo ovs-appctl fdb/show br-int 24

Traffic flow § sudo ovs-appctl ofproto/trace <br-name> in_port=N, dl_src=SRC_MAC § man ovs-vswitchd 25

Traffic flow § sudo ovs-appctl ofproto/trace <br-name> in_port=N, dl_src=SRC_MAC § man ovs-vswitchd 25

Traffic flow 26

Traffic flow 26

Traffic flow § East-West § VM to VM § VMs on different compute node.

Traffic flow § East-West § VM to VM § VMs on different compute node. § Routing on source node. 27

§ sudo ovs-ofctl dump-flows br-int (Source-Node) § Table 0 – In_port=VM_PORT, go to Table

§ sudo ovs-ofctl dump-flows br-int (Source-Node) § Table 0 – In_port=VM_PORT, go to Table 25 § Table 0 - NORMAL processing. § Table 25 – In_port=VM_PORT, dl_src=VM_SRC_MAC, Normal processing § sudo ovs-ofctl dump-flows br-tun (Source-Node) § Table 0 – From br-int & go to table 1 § Table 1 – Set LMAC & go to table 2 § Table 2 – Unicast & go to table 20 § Table 2 – Multicast/Broadcast & go to table 22 § Table 20 – Strip VLAN_ID, Set Tunnle_ID & Output to Vx. LAN Tunnel. § Table 22 - Strip VLAN_ID, Set Tunnle_ID & Output to Vx. LAN Tunnel. 28

Traffic flow 29

Traffic flow 29

Traffic flow § sudo ovs-ofctl dump-flows br-tun (On Destination Node) § Table 0 –

Traffic flow § sudo ovs-ofctl dump-flows br-tun (On Destination Node) § Table 0 – From Vx. LAN tunnels, go to table 4 § Table 4 – Match on tunnel_id, modify to local VLAN_ID, go to Table 9 § Table 9 – Match on LMAC, go to br-int 30

Traffic flow § sudo ovs-ofctl dump-flows br-int (On Destination Node) § Table 0 –

Traffic flow § sudo ovs-ofctl dump-flows br-int (On Destination Node) § Table 0 – From br-tun with dl_src=LMAC, go to Table 1 § Table 1 – Strip VLAN_ID, set src_mac=router’s ifce, go to VM port 31

Traffic flow § CSNAT § VM to External World. 32

Traffic flow § CSNAT § VM to External World. 32

Traffic flow § Rules to send traffic from qrouter to snat for external world.

Traffic flow § Rules to send traffic from qrouter to snat for external world. 33

Traffic flow § CSNAT HA 34

Traffic flow § CSNAT HA 34

Traffic flow § CSNAT HA 35

Traffic flow § CSNAT HA 35

Traffic flow § N-S § External world to VM 36

Traffic flow § N-S § External world to VM 36

Traffic flow 37

Traffic flow 37

Traffic flow 38

Traffic flow 38

Lab-Setup & Hands On Exercise. § Instructions for multimode devstack setup. § File: DVR-SNAT-HA-LAB-SETUP-Instructions.

Lab-Setup & Hands On Exercise. § Instructions for multimode devstack setup. § File: DVR-SNAT-HA-LAB-SETUP-Instructions. pdf § Guide for hands on lab for DVR-SNAT-HA. § File: DVR-SNAT-HA-HANDS-ON-LAB-Instructions. pdf 39

Thank you 40

Thank you 40

Open Stack Summit 2016 Open Stack Summit AustinOpen Stack Summit 2016 Open Stack Summit Austin
Open Stack Open Stack Open Stack Neutron NeutronOpen Stack Open Stack Open Stack Neutron Neutron
Stack Implementation with Arrays Stack stack new StackStack Implementation with Arrays Stack stack new Stack
Austin Open Stack Summit April 2016 Orchestrating TasksAustin Open Stack Summit April 2016 Orchestrating Tasks
Open Stack Open Source Cloud Software Open StackOpen Stack Open Source Cloud Software Open Stack
Stack Frames and Advanced Procedures Stack Frames StackStack Frames and Advanced Procedures Stack Frames Stack
STACK and Stack Pointer Stack Definition and CharacteristicsSTACK and Stack Pointer Stack Definition and Characteristics
STACK Yohana Nugraheni Pengertian STACK l l STACKSTACK Yohana Nugraheni Pengertian STACK l l STACK
STACK TMS 10 STACK TMS 13 STACK TMSSTACK TMS 10 STACK TMS 13 STACK TMS
Working with the Stack Stack concept Stack isWorking with the Stack Stack concept Stack is
u ADT Stack 0 Stack Stack item Elementu ADT Stack 0 Stack Stack item Element
3 structure Stack 0 stack Stack item element3 structure Stack 0 stack Stack item element
DATA STRUCTURE STACK Stack A stack is aDATA STRUCTURE STACK Stack A stack is a
LOGO STRUKTUR DATA STACK PENGERTIAN STACK LOGO StackLOGO STRUKTUR DATA STACK PENGERTIAN STACK LOGO Stack
6 Stack ADTs Stack concepts Stack applications A6 Stack ADTs Stack concepts Stack applications A
Stack Sampling Stack Sampling Stack sampling data isStack Sampling Stack Sampling Stack sampling data is
Open Stack NUMA Nova Open Stack Who 1Open Stack NUMA Nova Open Stack Who 1
Open Stack Octavia Kubernetes and Terraform Open StackOpen Stack Octavia Kubernetes and Terraform Open Stack
Open Stack Open Stack Free opensource cloudcomputing softwareOpen Stack Open Stack Free opensource cloudcomputing software
Open Stack Board Update Validating Open Stack CompatibleOpen Stack Board Update Validating Open Stack Compatible
Austin ISSA Chapter Meeting 12 Oct 2016 AustinAustin ISSA Chapter Meeting 12 Oct 2016 Austin
title Summit summit location date of summit hashtagtitle Summit summit location date of summit hashtag
World Summit 2020 World Summit Series No SummitWorld Summit 2020 World Summit Series No Summit
Austin TX Austin Computer Society Chapter Fawzi BehmannAustin TX Austin Computer Society Chapter Fawzi Behmann